package com.js.interceptor;
/*
 * Author：江松
 * Date：2023/4/25 14:05
 */
import com.js.pojo.User;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class AuthenticateInterceptor implements HandlerInterceptor {
    //pre方法特性，如果返回值为false就不会执行请求方法，只有为真才处理请求
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        String uri = httpServletRequest.getRequestURI();
        User user = (User) httpServletRequest.getSession().getAttribute("login");
        // 对用户或管理员开放不同权限
        //用户只能借还书，管理员才能操作书籍
        if (uri.contains("listUserBooks") ||uri.contains("likeBooks") || uri.contains("borrowBook") || uri.contains("returnBook")){
            if (user.getPermission() == 2){
                return true;
            }
        } else {
            if (user.getPermission() == 1){
                return true;
            }
        }
        return false;
    }
}
